U.S. patent application number 15/961060 was filed with the patent office on 2018-11-01 for detecting counterfeit magnetic stripe cards using encoding jitter.
The applicant listed for this patent is University of Florida Research Foundation, Incorporated. Invention is credited to David P. Arnold, Christian Peeters, Walter N. Scaife, Patrick G. Traynor, Camilo Velez Cuervo.
Application Number | 20180314862 15/961060 |
Document ID | / |
Family ID | 63917253 |
Filed Date | 2018-11-01 |
United States Patent
Application |
20180314862 |
Kind Code |
A1 |
Traynor; Patrick G. ; et
al. |
November 1, 2018 |
DETECTING COUNTERFEIT MAGNETIC STRIPE CARDS USING ENCODING
JITTER
Abstract
Systems and methods for detecting counterfeit magnetic stripes
are provided. A method can include detecting magnetic flux
transitions encoded on a magnetic stripe and the variation in
distances between clocking flux transitions. The distance between
variations in clocking flux transitions is greater in counterfeit
cards than in legitimate cards. The variations in distances can be
compared with known values of legitimate cards to detect the
presence of a counterfeit magnetic stripe.
Inventors: |
Traynor; Patrick G.;
(Gainesville, FL) ; Arnold; David P.;
(Gainesville, FL) ; Scaife; Walter N.;
(Gainesville, FL) ; Peeters; Christian;
(Gainesville, FL) ; Velez Cuervo; Camilo;
(Gainesville, FL) |
|
Applicant: |
Name |
City |
State |
Country |
Type |
University of Florida Research Foundation, Incorporated |
Gainesville |
FL |
US |
|
|
Family ID: |
63917253 |
Appl. No.: |
15/961060 |
Filed: |
April 24, 2018 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
62492548 |
May 1, 2017 |
|
|
|
Current U.S.
Class: |
1/1 |
Current CPC
Class: |
G06K 7/087 20130101 |
International
Class: |
G06K 7/08 20060101
G06K007/08 |
Goverment Interests
GOVERNMENT SUPPORT
[0002] This invention was made with government support under grant
number 1526718 awarded by the National Science Foundation. The
government has certain rights in the invention.
Claims
1. A method for detecting a counterfeit magnetic stripe, the method
comprising: providing an encoded magnetic stripe; placing the
encoded magnetic stripe under a magneto-optical imaging device;
capturing, by the magneto-optical imaging device, a magnetic stripe
image of the encoded magnetic stripe; and providing a computer
readable medium comprising stored instructions that when executed
causes at least one processor to: receive the magnetic strip image;
process the magnetic stripe image to recover each clocking flux
transition along the encoded magnetic stripe; identify each
location of the clocking flux transitions along the encoded
magnetic stripe; measure a distance between each successive
clocking flux transition; calculate a variance of the measured
distances between each of the successive the clocking flux
transitions; determine a critical value (V.sub.J) based on the mean
of the measured distances of the clocking flux transitions; compare
the critical value V.sub.J of the encoded magnetic stripe to a
standardized value for V.sub.J; and determine whether the encoded
magnetic stripe is counterfeit based on the compared critical value
V.sub.J of the encoded magnetic strip and the standardized value
for V.sub.J.
2. The method of claim 1, wherein the magnetic strip is encoded
with frequency/double frequency (F2F) technique.
3. The method of claim 1, wherein the magneto-optical imaging
device is a magneto-optical microscope using a bismuth substituted
yttrium iron garnet growth over a gadolinium gallium substrate,
covered by an aluminum reflective layer, and a sapphire protection
layer as a magneto-optical indicator film.
4. The method according to claim 1, wherein a first 10% of the
distances between clocking flux transitions are discarded and not
used in determining V.sub.3, and wherein the first 10% refers to
the initial 10% of a spatial distance along the encoded magnetic
stripe.
5. The method of claim 4, wherein, if the V.sub.J of the magnetic
stripe differs from the standardized value for V.sub.J by more than
a predetermined threshold value, the encoded magnetic stripe is
determined to be counterfeit.
6. The method of claim 5, wherein the processor is further
configured to insert the absolute locations of each clocking flux
transition in a vector D as follows: D=p.sub.1-p.sub.0 . . .
p.sub.m-p.sub.m-1 wherein p.sub.k is a location of clocking flux
transition.
7. The method of claim 6, wherein the processor is further
configured to take a distance of vector D and store the distance in
vector J as follows: J=D.sub.1-D.sub.0| . . .
|D.sub.m-1-D.sub.m-2.
8. The method of claim 7, wherein determining the V.sub.J of the
magnetic stripe comprises using the following formula: V J = k = 0
J - 1 ( J k - .mu. J ) 2 J , ##EQU00005## wherein, .mu..sub.J is
the mean of J, and |J| is the length of J.
9. The method of claim 1, wherein the measurement of distances is
only the distances between full-clock transitions.
10. A method for detecting a counterfeit magnetic stripe, the
comprising: providing an encoded magnetic stripe; swiping the
encoded magnetic stripe through a card reader to generate an analog
waveform, wherein the card reader is connected to an audio sink;
and providing a computer readable medium comprising stored
instructions that when executed cause at least one processor to:
discard data for swipes that are not read correctly; process the
analog waveform to a binary waveform; measure a distance between
clocking flux transitions of the binary waveform; determine a
variance of the measured distances between the clocking flux
transitions; determine a critical value (V.sub.J) based on a mean
of the measured distances between the clocking flux transitions;
and determine whether the encoded magnetic stripe is counterfeit
based upon the critical value.
11. The method of claim 11, wherein the first 10% of the distances
between clocking transitions are discarded and not used in
determining V.sub.J, and wherein the first 10% refers to the
initial 10% of a spatial distance along the encoded magnetic
stripe.
12. The method of claim 11, wherein, if the V.sub.J of the magnetic
stripe differs from the standardized value for V.sub.J by more than
a predetermined threshold value, the magnetic stripe is determined
to be counterfeit.
13. The method of claim 12, wherein the processor is further
configured to insert the absolute locations of each clocking flux
transition in a vector D as follows: D=p.sub.1-p.sub.0 . . .
p.sub.m-p.sub.m-1, wherein p.sub.k is a location of clocking flux
transition.
14. The method of claim 13, wherein the processor is further
configured to take a distance of vector D and store the distance in
vector J as follows: J=D.sub.1-D.sub.0| . . .
|D.sub.m-1-D.sub.m-2.
15. The method of claim 14, wherein determining the V.sub.J of the
magnetic stripe comprises using the following formula: V J = k = 0
J ( J k - .mu. J ) 2 J , ##EQU00006## wherein, .mu..sub.J is the
mean of J, and |J| is the length of J.
16. The method of the claim 10, wherein the measurement of
distances is only the distances between full-clock transitions.
17. A counterfeit card detecting apparatus, comprising: a card
reader connected to an audio sink; an audio sink connected to the
card reader to generate an analog waveform; and a machine-readable
medium connected to the card reader and comprising stored
instructions that when executed causes at least one processor to:
detect an analog waveform across the length of the encoded magnetic
stripe; detect a plurality of peaks of the analog wave form;
measure a distance between each successive pair of peaks of the
analog waveform; calculate a variance of the measured distances
between each of the successive the clocking flux transitions;
determine a critical value (V.sub.J) based on the mean of the
measured distances of the clocking flux transitions; compare the
critical value V.sub.J of the encoded magnetic stripe to a
standardized value for V.sub.J; and determine whether the encoded
magnetic stripe is counterfeit based on the compared critical value
V.sub.J of the encoded magnetic strip and the standardized value
for V.sub.J.
18. The apparatus of claim 17, wherein the processor is further
configured to the only measure distances between full-clock
transitions.
19. The apparatus of claim 18, wherein the processor is further
configured to discard the first 10% of the spatially located
distances between clocking flux transitions prior to determining
V.sub.J, wherein the first 10% refers to the initial 10% of a
spatial distance along the encoded magnetic stripe.
20. The apparatus of claim 19, wherein the processor is further
configured to determine the encoded magnetic stripe is counterfeit
if the V.sub.J of the magnetic stripe differs from the standardized
value for V.sub.J by more than a predetermined threshold value.
Description
CROSS-REFERENCE TO RELATED APPLICATION
[0001] This application claims the benefit of U.S. Provisional
Application Ser. No. 62/492,548, filed May 1, 2017, which is
incorporated herein by reference in its entirety, including any
figures, tables, and drawings.
BACKGROUND
[0003] Magnetic stripe cards, including but not limited to credit,
debit and gift cards, present a convenient method for conducting
consumer and commercial transactions in modern society. The growth
of e-commerce has further necessitated the need for the ability to
securely conduct financial transactions through electronic
methods.
[0004] The ubiquitous nature of magnetic stripe cards, coupled with
inadequate safeguards, has invited adversaries to develop methods
to copy or clone magnetic stripe cards. The relative ease with
which weak points can be identified and exploited creates a demand
for new and innovative procedural safeguards. The financial and
retail industries have attempted to strengthen magnetic card
integrity though adoption of EMV (Europay, MasterCard, and Visa)
standards ("Chip and PIN" or "Chip and Signature"). However,
deployment of EMV standards has been hampered by manufacturing
costs and existing cards that cannot be replaced. A better and more
innovative solution to physically replacing cards is to identify
counterfeit magnetic stripe cards through measurement and
comparison of variations in the width of the clocking flux
transitions on the magnetic stripe.
BRIEF SUMMARY
[0005] Embodiments of the subject invention provide devices,
protocols, and methods for detection of counterfeit magnetic stripe
cards. Methods can be designed to detect the presence of
counterfeit magnetic stripe cards including but not limited to
credit cards, debits cards, and gift cards (open-loop and
closed-loop). The protocols and methods of described herein present
new opportunities for vendors to discourage creation of cloned
magnetic stripe cards and prevent or inhibit fraudulent
transactions. Experimental analysis and simulations have shown that
the device can accurately detect the presence of variations between
clock fluctuations of legitimate and counterfeit magnetic
stripes.
[0006] In an embodiment, a method of detecting counterfeit magnetic
stripes comprises using magneto-optical imaging (MOI) techniques
for imaging the magnetic field across the magnetic stripe,
processing the image to recover clocking flux transitions,
measuring the width of clock transitions, and processing the data.
Analysis and experimentation demonstrate that variations in the
widths of clocking flux transitions, hereinafter referred to as
"jitter," in counterfeit cards are greater than the widths of
clocking flux transitions in original cards. The difference in
jitter can be attributable to decreased quality control and
inferior machinery used in fabricating counterfeit cards.
[0007] In another embodiment, a method of detecting counterfeit
magnetic stripes comprises using a reader connected to an audio
sink to scan the magnetic stripe of a card. As the read head scans
the magnetic stripe, a voltage waveform is generated, in accordance
with Faraday's Law. The peaks of the waveforms represent the
magnetic flux transitions encoded on the magnetic stripe. Using
these waveform peaks as reference points, the voltage waveform can
be processed and the distance between peaks can be used to measure
the jitter on a particular magnetic stripe.
[0008] The methods and devices described herein: (1) can be
deployed at point of sale without further modification or
replacement of existing magnetic stripe cards; (2) offer broader
applicability to include cards that do not merit costs of
introduction of EMV standards (e.g., gift cards, copy cards); and
(3) have a low cost of implementation with most point of sales
systems, creating a more attractive alternative to adoption of EMV
standards.
BRIEF DESCRIPTION OF DRAWINGS
[0009] FIG. 1 shows a diagram of a clock cycle's relations to plain
text under F2F encoding.
[0010] FIG. 2 shows an image of a retail gift card with an exposed
PIN number.
[0011] FIG. 3 shows an image of a magneto-optical microscope.
[0012] FIG. 4 shows a stitched image of a subsection of a magnetic
stripe.
[0013] FIG. 5 shows an image of the comparison of clock flux
transition distances between an original and its counterfeit
copy.
[0014] FIG. 6 shows a plot of the jitter over a length of a card
for an original card (green, lower-most line) and its counterfeit
copy (blue, upper-most line).
[0015] FIG. 7 shows an image of a modified card reader and its
functionally equivalent electric circuit diagram.
[0016] FIG. 8 shows a plot of motor signal period versus card
distance traveled, demonstrating a comparison between swiping
speeds.
[0017] FIG. 9 is a table showing experimental results of low
quality open card types and high quality cards open and closed card
types.
[0018] FIG. 10 is a plot of a receiver operating characteristic
(ROC) for high quality cards.
[0019] FIG. 11 is a plot of an ROC curve for low-quality cards.
[0020] FIG. 12 is a plot of a kernel density estimate for all
swipes ID 4 original and copied cards.
[0021] FIG. 13 is a plot of a kernel density estimate for all
swipes of ID 1 original and copies cards.
[0022] FIG. 14 is a plot of an ROC curve for all obtained credit
and debit cards.
[0023] FIG. 15 is a plot of a kernel density estimate for all
obtained credit/debit cards.
[0024] FIG. 16 is an image of a ZCS150 motorized device.
[0025] FIG. 17 is an image of an HID Fargo DTC5500LMX device.
[0026] FIG. 18 is plot of a kernel density estimate comparing
university ID cards produced by a HID Fargo DTC5500LMX device with
gift card ID 4.
[0027] FIG. 19 is a flow chart of the steps of determining whether
a magnetic stripe is counterfeit according to an embodiment of the
subject invention.
DETAILED DESCRIPTION
[0028] Legitimate magnetic stripe cards are generally fabricated in
quality controlled environments encoded with data using a
frequency/double frequency (F2F) technique. The F2F technique
encodes binary data magnetically onto the magnetic stripes through
flux transitions. These flux transitions occur at least once during
the rising edge of the clock cycle. A single flux transition in a
full clock cycle is as expressed as decoded binary 0. An additional
flux transition occurring at the falling edge of the clock cycle
expresses a decoded binary 1.
[0029] FIG. 1 illustrates how a shift in the magnetic polarity
during the half or full clock cycle translates to a binary 0 or 1.
A magneto-optical microscope, as seen in FIG. 3, can scan across a
magnetic stripe and measure a change in the magnetic polarity 110
at each full or half clock cycle 100. The magnetic polarity can be
visually described across a magnetic stripe 120 with directional
arrows. The signals 130 received by the magneto-optical microscope
from the magnetic stripe can be decoded into binary 0's or 1's 140.
If the magnetic polarity shifts after a full clock cycle a binary 0
can denoted. Otherwise if the magnetic polarity shifts after a half
clock cycle, a binary 1 can be denoted.
[0030] Although the F2F encoding process can be expected to
generate near uniform width of clock cycles across the magnetic
stripe, variations (i.e., jitter) in the physical length (the bit
length) do occur. Jitter is a naturally occurring phenomenon of the
manufacturing process. ISO/IEC (International Organization for
Standardization (ISO)/International Electrotechnical Commission
(IEC)) standards allow for an acceptable variation rate of +/-10%.
Experimental results demonstrate that the length of variations in
the width of clock cycles in counterfeit magnetic stripes exceed
the length of variations of magnetic stripes produced in quality
controlled environments. This variation in jitter can be exploited
to differentiate an original card from a counterfeit card.
[0031] FIG. 2 is an image of a gift card purchased at retail with
an unmasked personal identification number (PIN) 200 hidden behind
a paper sleeve. These PINs can be easily copied by an adversary, is
purchased to steal the card's funds.
[0032] Counterfeit magnetic stripes can be detected by using a
magneto-optical imaging (MOI) technique to directly observe and/or
image the stray magnetic field encoded onto magnetic stripes. FIG.
4 shows a subset of stitched imaged of magnetic flux transitions
generated through the MOI technique. The upper track (Track 1) 300
shows magnetic flux transitions at 210 bits per inch, and the lower
track 310 (Track 2) shows magnetic flux transitions 75 bits per
inch. The red (every other stripe starting with the left-most
stripe in Track 2 310 and the second-left-most stripe in Track 1
300) stripes represent positive B.sub.Z, and the blue (every other
stripe starting with the left-most stripe in Track 1 300 and the
second-left-most stripe in Track 2 310) stripes represent the
negative B.sub.Z. After development of images through the MOI
technique, the images can be processed and measurements of the
width of the flux transitions can be taken directly from the image
and recorded.
[0033] FIG. 5 shows two images of the magnetic flux transitions and
measured clock distance of an identical section of an original 400
and counterfeit 410 credit card. Visual inspection and measured
distances verify that the distances between clock cycles vary with
greater frequency in the counterfeit cards compared with the
original cards.
[0034] FIG. 6 shows a plot of distances between flux transitions
across an entire original card and a counterfeit card. It is
apparent from this graph that a distinctly larger variation of
jitter exists across the counterfeit card than the original
card.
[0035] Counterfeit magnetic stripes can also be detected by
obtaining measurements directly through magnetic read head devices.
As previously discussed, magnetic stripe cards are encoded with
binary data through the F2F technique. When a magnetic stripe is
swiped across a read head, the magnetic flux transitions create a
voltage, in accordance with Faraday's law. A waveform with peaks
denoting magnetic flux transitions can be generated by attaching
the read head to an audio sink (e.g., a microphone input).
[0036] FIG. 6 is a plot illustrating the difference in physical
distances between clocking flux transitions on an original credit
card and its copy. The variation in physical distance between
transitions is the jitter of each card. This plot demonstrates
provides empirical data that an original card has less jitter than
its corresponding copy.
[0037] FIG. 7 is an image of a read head device and its
functionally equivalent circuit diagram with R1 representing
resistance and V1 representing the voltage created by the magnetic
flux transitions. The two parallel lines 500 represent a
transformer core made from ferromagnetic material. After the analog
waveform is read, it is processed and converted to a digital signal
for processing. Measurements of the voltage peaks can be taken to
determine the distances between magnetic flux transitions.
[0038] FIG. 8 is a plot of the difference in the signals received
from an encoder's rotary motor between a fast swipe of a card
across a reader versus a slow swipe of the card. It is difficult to
hand-swipe a card at a consistent, slow rate. This plot
demonstrates that the linear response of the fast swipe verse the
non-linear response of the slow swipe can be detected. It is
disadvantageous, therefore, to adversaries to attempt to avoid
detection by intentionally slowly swiping a card. Faster swipes
provide more accurate, consistent results.
[0039] FIG. 9 is a table of the experimental results obtained when
subjecting gift/stored value cards to the counterfeit detecting
system.
[0040] FIG. 10 is an ROC curve for high-quality cards and shows
that the strongest detection capability for all cards with only a
single swipe.
[0041] FIG. 11 is an ROC curve for low-quality cards and shows good
detection by the system even in non-optimal conditions.
[0042] FIG. 12 shows a kernel density estimate for all swipes of ID
4 original and copied cards. This figure shows the large difference
between measured jitter variance in these two sets.
[0043] FIG. 13 is a kernel density estimate for all swipes of ID 1
original and copied cards. The overlap between the two
distributions is a result of low-quality manufacturing processes
and materials.
[0044] FIG. 14 is an ROC curve for obtained credit and debit cards.
The curve is plotted twice, once by comparing all swipes and
another with a simple majority voting scheme.
[0045] FIG. 15 is a kernel density estimate for all original
credit/debit cards and their copies. FIG. 15 shows the large
difference between measured jitter variance in these two sets.
[0046] FIG. 18 is a kernel density estimate comparing university ID
cards produced by the HID Fargo DTC5500LMX device with gift card ID
4. This device is two orders of magnitude more expensive than a
Misiri-style encoders but also produces cards with high jitter.
[0047] Counterfeit magnetic stripes can be detected by determining
how much a card's measured jitter varies from the mean to obtain a
critical value (V.sub.J) and comparing the V.sub.J of the subject
card to that of a standard. First, the absolute locations (p.sub.0
. . . p.sub.m) of the clocking peaks can be determined. These
values can be stored into vector D containing the distance (in
samples) between peaks:
D=p.sub.1-p.sub.0 . . . p.sub.m-p.sub.m-1 (1)
[0048] Second, the distance of this vector, the measured jitter of
the subject card, can be stored in J, a vector of length m-1:
J=D.sub.1-D.sub.0| . . . |D.sub.m-1-D.sub.m-2 (2)
[0049] Third, the initial 10% of the values in J can be discarded,
though this is not necessary. The values can be discarded to remove
the influence of the initial acceleration of the card as it is
swiped. This acceleration can exert influence and distort the
results.
[0050] Fourth, the value of V.sub.J of J can be computed, where
.mu..sub.J is the mean of J and |J| is the length of J:
V J = k = 0 J - 1 ( J k - .mu. J ) 2 J ( 3 ) ##EQU00001##
[0051] Then, the value of V.sub.J can be compared with a known or
standard V.sub.J. Higher values of V.sub.J indicate greater degree
of fluctuation of jitter.
[0052] In an embodiment, a method of determining whether a card is
legitimate or a counterfeit can be as seen in FIG. 19. A system
user can swipe or direct to be swiped the magnetic striped card
across a magnetic read head S100. The magnetic read head detects
the magnetic waveform encoded on the magnetic stripe S110. A
computer, processor, computing device, or other machine capable of
processing reads the magnetic encoding to either decode an analog
signal to obtain card data S120 or recover the clock signal from
the waveform S130. If the system user chooses to decode S120, a
next step can be to request additional card swipes if needed S160.
If the system user chooses to recover the clock signal S130 the
next step can be to measure the width of the clock signals S140.
This can be followed by measuring the first order difference of the
clock signal widths S150. The variance of differences in clock
width cycles can be then measured S170. This can be followed by
comparing the variance to an expected threshold S180.
[0053] Additional swipes and/or dips can be requested as needed
S160. At this point, if a suspicious card is detected S190 the
employee can manually inspect the card S200. The transaction could
be considered to fail and cancelled S210 if that is the policy or
if the card does not appear legitimate, the transaction should
fail. If the card appears legitimate (and the policy of the
business is to only fail upon a suspicious visual inspection
result) or a suspicious card was not initially detected, the
transaction should be processed towards completion S220.
[0054] The methods and processes described herein can be embodied
as code and/or data. The software code and data described herein
can be stored on one or more machine-readable media (e.g.,
computer-readable media), which may include any device or medium
that can store code and/or data for use by a computer system. When
a computer system and/or processor reads and executes the code
and/or data stored on a computer-readable medium, the computer
system and/or processor performs the methods and processes embodied
as data structures and code stored within the computer-readable
storage medium.
[0055] It should be appreciated by those skilled in the art that
computer-readable media include removable and non-removable
structures/devices that can be used for storage of information,
such as computer-readable instructions, data structures, program
modules, and other data used by a computing system/environment. A
computer-readable medium includes, but is not limited to, volatile
memory such as random access memories (RAM, DRAM, SRAM); and
non-volatile memory such as flash memory, various
read-only-memories (ROM, PROM, EPROM, EEPROM), magnetic and
ferromagnetic/ferroelectric memories (MRAM, FeRAM), and magnetic
and optical storage devices (hard drives, magnetic tape, CDs,
DVDs); network devices; or other media now known or later developed
that is capable of storing computer-readable information/data.
Computer-readable media should not be construed or interpreted to
include any propagating signals. A computer-readable medium of the
subject invention can be, for example, a compact disc (CD), digital
video disc (DVD), flash memory device, volatile memory, or a hard
disk drive (HDD), such as an external HDD or the HDD of a computing
device, though embodiments are not limited thereto. A computing
device can be, for example, a laptop computer, desktop computer,
server, cell phone, or tablet, though embodiments are not limited
thereto.
[0056] The subject invention includes, but is not limited to, the
following exemplified embodiments.
Embodiment 1
[0057] A method for detecting a counterfeit magnetic stripe, the
method comprising:
[0058] providing an encoded magnetic stripe;
[0059] placing the encoded magnetic stripe under a magneto-optical
imaging device;
[0060] imaging, by the magneto-optical imaging device, a magnetic
stripe image of the encoded magnetic stripe; and
[0061] providing a (non-transitory) machine-readable medium (e.g.,
a (non-transitory) computer-readable medium) connected to the
magneto-optical imaging device (and comprising machine-executable
instructions stored thereon, that when executed by a processor in
operable communication with the machine-readable medium, performs
the following: [0062] receive the magnetic strip image; [0063]
process the magnetic stripe image to recover each clocking flux
transition along the encoded magnetic stripe; [0064] identify each
location of the clocking flux transitions along the encoded
magnetic stripe; [0065] measure a distance between each successive
clocking flux transition; [0066] calculate a variance of the
measured distances between each of the successive the clocking flux
transitions; [0067] determine a critical value (V.sub.J) based on
the mean of the measured distances of the clocking flux
transitions; [0068] compare the critical value V.sub.J of the
encoded magnetic stripe to a standardized value for V.sub.J; and
[0069] determine whether the encoded magnetic stripe is counterfeit
based on the compared critical value V.sub.J of the encoded
magnetic strip and the standardized value for V.sub.J.
Embodiment 2
[0070] The method of embodiment 1, wherein the magnetic strip is
encoded with frequency/double frequency (F2F) technique or other
Differential Manchester encoding technique.
Embodiment 3
[0071] The method according to any of embodiments 1-2, wherein the
magneto-optical imaging device is a magneto-optical microscope
using a bismuth substituted yttrium iron garnet growth over a
gadolinium gallium substrate, covered by an aluminum reflective
layer, and a sapphire protection layer as a magneto-optical
indicator film.
Embodiment 4
[0072] The method according to any of embodiments 1-3, wherein a
first 10% of the distances between clocking flux transitions are
discarded and not used in determining V.sub.J, and wherein the
first 10% refers to the initial 10% of a spatial distance along the
encoded magnetic stripe.
Embodiment 5
[0073] The method according to any of embodiments 1-4, wherein, if
the V.sub.J of the magnetic stripe differs from the standardized
value for V.sub.J by more than a predetermined threshold value, the
magnetic stripe is determined to be counterfeit.
Embodiment 6
[0074] The method according to any of embodiments 1-5, wherein the
processor is further configured to insert the absolute locations of
each clocking flux transition in a vector D as follows:
D=p.sub.1-p.sub.0 . . . p.sub.m-p.sub.m-1
[0075] wherein p.sub.k is a location of clocking flux
transition.
Embodiment 7
[0076] The method of embodiment 6, wherein the processor is further
configured to take a distance of vector D and store the distance in
vector J as follows:
J=D.sub.1-D.sub.0| . . . |D.sub.m-1-D.sub.m-2.
Embodiment 8
[0077] The method of embodiment 7, wherein determining the V.sub.J
of the magnetic stripe comprises using the following formula:
V J = k = 0 J - 1 ( J k - .mu. J ) 2 J , ##EQU00002##
[0078] wherein, .mu..sub.J is the mean of J, and |J| is the length
of J.
Embodiment 9
[0079] The method of embodiment 8, wherein the measurement of
distances is only the distances between full-clock transitions and
any measured distances between half-clock transitions are
discarded.
Embodiment 10
[0080] A method for detecting a counterfeit magnetic stripe, the
comprising:
[0081] providing an encoded magnetic stripe;
[0082] swiping the encoded magnetic stripe through a card reader to
generate an analog waveform,
[0083] wherein the card reader is connected to an audio sink;
and
[0084] providing a (non-transitory) machine-readable medium (e.g.,
a (non-transitory) computer-readable medium) connected to the card
reader (and/or to the audio sink) (and comprising
machine-executable instructions stored thereon, that when executed
by a processor in operable communication with the machine-readable
medium, perform the following: [0085] process the analog waveform
to a binary waveform; [0086] measure a distance between clocking
flux transitions of the binary waveform; [0087] determine a
variance of the measured distances between the clocking flux
transitions; [0088] determine a critical value (V.sub.J) based on a
mean of the measured distances between the clocking flux
transitions; and [0089] determine whether the encoded magnetic
stripe is counterfeit based upon the critical value.
Embodiment 11
[0090] The method according to embodiment 11, wherein the first 10%
of the distances between clocking transitions are discarded and not
used in determining V.sub.J, and wherein the first 10% refers to
the initial 10% of a spatial distance along the encoded magnetic
stripe.
Embodiment 12
[0091] The method of embodiment 11, wherein, if the V.sub.J of the
magnetic stripe differs from the standardized value for V.sub.J by
more than a predetermined threshold value, the magnetic stripe is
determined to be counterfeit
Embodiment 13
[0092] The method according to any of embodiments 11-12, wherein
the processor is further configured to insert the absolute
locations of each clocking flux transition in a vector D as
follows:
D=p.sub.1-p.sub.0 . . . p.sub.m-p.sub.m-1
[0093] wherein p.sub.k is a location of clocking flux
transition.
Embodiment 14
[0094] The method of embodiment 13, wherein the processor is
further configured to take a distance of vector D and store the
distance in vector J as follows:
J=D.sub.1-D.sub.0| . . . |D.sub.m-1-D.sub.m-2.
Embodiment 15
[0095] The method of embodiment 14, wherein determining the V.sub.J
of the magnetic stripe comprises using the following formula:
V J = k = 0 J - 1 ( J k - .mu. J ) 2 J , ##EQU00003##
[0096] wherein, .mu..sub.J is the mean of J, and |J| is the length
of J.
Embodiment 16
[0097] The method according to any of embodiments 10-15, wherein
the measurement of distances is only the distances between
full-clock transitions.
Embodiment 17
[0098] A counterfeit card detecting apparatus, comprising:
[0099] a card reader connected to an audio sink;
[0100] an audio sink connected to the card reader to generate an
analog waveform; and a (non-transitory) machine-readable medium
(e.g., a (non-transitory) computer-readable medium) connected to
the card reader (and/or to the audio sink) and comprising
machine-executable instructions stored thereon, that when executed
by a processor in operable communication with the machine-readable
medium, performs the following: [0101] detect an analog waveform
across the length of the encoded magnetic stripe; [0102] detect a
plurality of peaks of the analog wave form; [0103] measure a
distance between each successive pair of peaks of the analog
waveform; [0104] calculate a variance of the measured distances
between each of the successive the clocking flux transitions;
[0105] determine a critical value (V.sub.J) based on the mean of
the measured distances of the clocking flux transitions; [0106]
compare the critical value V.sub.J of the encoded magnetic stripe
to a standardized value for V.sub.J; and [0107] determine whether
the encoded magnetic stripe is counterfeit based on the compared
critical value V.sub.J of the encoded magnetic strip and the
standardized value for V.sub.J.
Embodiment 18
[0108] The apparatus of embodiment 17, wherein the processor is
further configured to the only measure distances between full-clock
transitions and any measured distances between half-clock
transitions are discarded.
Embodiment 19
[0109] The apparatus of embodiment 18, wherein the processor is
further configured to:
[0110] discard the first 10% of the spatially located distances
between clocking flux transitions prior to determining V.sub.J,
[0111] wherein the first 10% refers to the initial 10% of a spatial
distance along the encoded magnetic stripe.
Embodiment 20
[0112] The apparatus of embodiment 19, wherein the processor is
further configured to determine the encoded magnetic stripe is
counterfeit if the V.sub.J of the magnetic stripe differs from the
standardized value for V.sub.J by more than a predetermined
threshold value.
[0113] A greater understanding of the present invention and of its
many advantages may be had from the following examples, given by
way of illustration. The following examples are illustrative of
some of the methods, applications, embodiments and variants of the
present invention. They are, of course, not to be considered as
limiting the invention. Numerous changes and modifications can be
made with respect to the invention.
Example 1--Confirmation of Phenomenon
Magneto-Optical Microscope
[0114] Magneto-optical imaging (MOI) techniques can be used to
detect stray magnetic fields encoded on magnetic stripe cards. A
high-resolution magneto-optical microscope that adapted the MOI
technique onto a conventional metallurgical microscope was utilized
for measuring and quantifying the encoded data present on the
magnetic stripe. The system enabled measurement of stray fields
with 6 .mu.m spatial resolution over a 2.7 mm.times.2.1 mm field of
view.
[0115] The microscope operates with a magneto-optical indicator
film (MOIF). This enables the microscope to measure the encoded
magnetic field in the z-direction, in accordance with the Faraday
effect. The Faraday effect is an optical phenomenon wherein a
rotation of the plane of polarization in a light wave, caused by
the interaction between light and the MOIF, is proportional to the
external magnetic field. Proper calibration and validation yields a
quantification mechanism of the z component of the magnetic flux
density (B.sub.z) in units of Teslas. The MOIF can be a bismuth
substituted yttrium iron garnet growth over a gadolinium gallium
substrate (transparent and with no contribution to the Faraday
rotation) and can be covered by an aluminum reflective layer and a
sapphire protection layer. Two calibrated types of MOIF can be used
with a 5.times. magnification microscope: 1) 45 mT magnetic field
range with +0.5 mT field resolution and +6.2 .mu.m spatial
resolution, and 2) .+-.230 mT magnetic field range with .+-.1 mT
field resolution and 20.1 .mu.m spatial resolution.
[0116] Cards can be loaded on the microscope stage and secured to
prevent movement and ensure a planar surface. In order to generate
a complete image of a stripe across a card, multiple images of 2660
.mu.m.times.2128 .mu.m were taken and stitched together. FIG. 4
shows such an image generated from the microscope. The positive and
negative peaks correspond with the magnetic bit transitions, as
shown in FIG. 1. Because this technique directly images the
magnetization (stored bits), it provides a reliable and accurate
technique to measure the distance between those transitions (to
within 6 .mu.m accuracy). By comparing images of an original card
with its copy, it is possible to measure dimensional variations
that arise in the magnetic stripe writing mechanism of the card
encoder.
Encoder
[0117] A Misiri MSR705 card encoder was purchased to fabricate a
counterfeit card. To read the speed of the card as it passes over
the write head, the encoder has a small rotary encoder attached to
a wheel in the track. As the card passes through the track, the
wheel turns, causing the motor to output a continuous sinusoid
wave. Increased frequency in the waveform corresponds to faster
speeds. The resolution of this motor was measured at 50 .mu.m.
[0118] The encoder was chosen because it is inexpensive, readily
available, and similar to encoders used in card cloning
instructional videos. Once the source card is swiped, the data
appears on-screen and copy can be created. The destination card is
verified to ensure the data on the card is correct. The encoder
does not make a perfect copy of the original analog encoding; it
simply reads the binary data on the source card and writes a new
analog track onto the destination card. As a result, the jitter
present on the destination card is not related to any jitter
present on the original. Instead, it is the result of the
mechanical limitations of the encoder wheel.
[0119] An original credit card and a copy of that card created with
the encoder were both examined. 43 images of each card were
captured using a .+-.230 mT MOIF, with each picture slightly
overlapping to capture the entirety of the cards' second tracks.
FIG. 4 shows one of the captured images. Each pixel in the image is
exactly 2:08 .mu.m. These images show "ground truth"
measurements.
[0120] Next, the clocking flux transitions were recovered. The
image processing code averages adjacent pixels in the image to
reduce the ability for imperfections in the MOIF to influence the
results. The output of this process can be described as a waveform,
with the most intense regions in the image as peaks in the
waveform.
[0121] The remainder of the process is identical to reading a card.
The locations of the flux transitions were identified using the
peaks of the waveform, the distance between the peaks was measured,
and whether each transition is on the clock or the half-clock was
determined. After discarding any half-clock transitions, the
remaining data contains only those transitions which represent the
clock.
[0122] FIG. 5 shows images from an original card and its
corresponding clone. These images are of the same section of data
and show the measured distances between each of the clock
transitions. While some of the distances between transitions may
appear the same, a difference of only 5 pixels is 10:4 .mu.m in the
image.
[0123] The plot in FIG. 6 shows these same clock transition
distances of FIG. 5 over the entirety of both cards. The copied
card has highly-variable distances compared to the original, and so
the copied card has a higher amount of jitter. Accordingly, this
shows that variances in jitter can be used to distinguish original
cards and copies.
Example 2--Observation on Commodity Equipment
Audio Recording
[0124] An inexpensive magnetic stripe reader was purchased and some
existing electronic components were removed. The read head and a
resister were connected to 3.5 mm audio jack. FIG. 7 shows a
functionally equivalent circuit diagram to the modified magnetic
stripe reader seen above the circuit diagram. The circuit is
functionally identical to smartphone magnetic stripe readers and
the longer 17:5 cm track provides more consistent swipes.
[0125] The analog signal from the reader must then be converted to
a digital signal. Most consumer-grade audio analog-to-digital (ADC)
hardware (e.g., those found in laptops and smartphones) supports
audio capture at a maximum sampling rate at 44:1 kHz or 48 kHz.
Initial testing found that these rates are insufficient for
accurately detecting jitter. Higher-resolution equipment is able to
more accurately measure jitter on a wider variety of swipe speeds.
Therefore, a higher-resolution audio capture device (i.e., Sound
Blaster Audigy 2 NX) that supported a 96 kHz sampling rate was
used. The reader was connected to the microphone input on the
device, and the audio hardware was connected via USB to a laptop
running Ubuntu Linux. Audio recording software then captured the
microphone input while a card was swiped.
[0126] The analog waveform was decoded from F2F to binary, and the
binary was decoded to plaintext. The system also verified the
card's checksums and discarded any swipes that were not read
correctly. The system then measured the number of samples between
each clocking transition and outputs a vector of distance (in
samples).
Speed Variance
[0127] To determine if the use of commodity reading equipment
introduced several additional factors which might create error in
the results (for example, the average swipe speed, acceleration,
magnetic field strength, and curvature of the card material) the
following experiment was conducted.
[0128] Large inconsistencies in the speed of the card as it moves
across the read head can induce jitter in the audio waveform. This
artifact is intuitive; as the flux transitions pass the read head
slower or faster, the distance between them in the resulting
waveform respectively increases or decreases. Therefore, swipes
should be captured at a consistent speed.
[0129] To demonstrate how swipe speeds might affect the accurate
recovery of jitter the speed sensor motor in the card encoder was
connected to an oscilloscope. This motor generated a constant
sinusoid wave which compresses the periods as the speed of the card
increases. A single card was swiped both fast and slow while
attempting to maintain a constant speed in the track for both fast
and slow swipes. FIG. 8 shows the differences in speed as well as
the difficulty in moving a card both consistently and slowly. The
fast swipe, though it continues accelerating in the track, provides
a relatively consistent speed when compared to the slow swipe.
[0130] To confirm the variance in clock-symbol placement is
detectable with commodity hardware system, an original credit card
and a copy of that card were swiped. Afterwards, the output from
both the original credit card and copy were compared. The original
card generated a smoother curve, indicating that it has less jitter
than the copy. The measured V.sub.J for the original card was 0.531
and the copy was 0.709, also showing the expected difference for
both cards. Therefore, V.sub.J can be measured with commodity
hardware.
Example 3
Gift and Stored Value Cards
[0131] To test the effectiveness of the system the following
experiment was conducted. Walmart agreed to assist and provided 5
types of open- (e.g., Visa) and closed-loop (same retailer only)
cards consisting of 650 individual cards. Each card was cloned and
swiped/recorded at least 10 times and any unreadable swipes were
discarded. In total, 12,919 audio waveforms were obtained for
analysis. FIG. 9 shows the breakdown of each type of card.
[0132] The obtained cards were manufactured in a wide range of
qualities. The reloadable cards are made from a typical glossy card
stock and stripe material, whereas the non-reloadable cards were
matte and made from a much softer grade of plastic. It was noted
that after swiping the non-reloadable cards that the swiping
process had slightly shaved down the plastic. The lower quality of
these cards underscored that they are intended for a single use.
These cards often had low-coercivity stripes, which are more
sensitive to magnetization. As a result, these stripes were often
noisy, easily damaged, and produced non-ideal waveforms (i.e.,
rounder peaks). This made accurate measurement of VJ more difficult
by reducing the amplitude of peaks and therefore making peak
detection more difficult. The applicable ISO/IEC standards state
that in high-sensitivity systems, the magnetic characteristics of
high- and low-coercivity cards cause higher peak amplitude on
high-coercivity cards than low. These cards have visible
characteristics of being low-coercivity quality.
[0133] The effectiveness of the detector by card ID was also
examined. As opposed to credit and debit cards, where all merchants
accept any card in a payment network, many of gift and stored value
cards are intended for use at a specific merchant. Since the
merchant is both issuing and accepting the cards, it may wish to
set more specific detection thresholds or policies by card.
[0134] High Quality. FIG. 10 shows the receiver operating
characteristic (ROC) curve for detection of each of the
high-quality cards. Using only one swipe, the detector was able to
distinguish cards with accuracy ranging from 96.9% to 99.9%. FIG.
12 shows a kernel density estimate for all swipes for ID 4 using
the ROC's computed optimal threshold. Generally, FIG. 12 shows that
the detector was able to distinguish these cards with extremely
high accuracy.
[0135] Low Quality. As expected, the obtained non-reloadable,
lower-quality cards performed worse. FIG. 11 shows the ROC curve
for detection of each of low-quality cards. While accuracy was not
as strong as the high-quality cards, the detector reached a minimum
accuracy of 93.7%. Card ID 1 had the lowest performance with a
TPR/FPR of 85.8%/14.2%. Although these results may seem low, in
practice such a system is most likely to be used as a heuristic to
trigger manual inspection. The outcome of a detection (or negative
detection) is strictly a merchant policy issue; detection from the
described system does not imply that a transaction is rejected.
[0136] To demonstrate that the number of cards used in the
experiments provided a statistically significant result, a two
group (original, copy) independent means difference t-test was
performed. This test was a null hypothesis test, where the null
hypothesis was that the two means are equal. The null hypothesis
stated that there is no statistical difference between the jitter
measured on original cards and copies. This test was performed
twice: once for the sets of all copies and all originals (i.e., in
order to distinguish any original from any copy) and again for the
set of copies and originals for card ID 4 (i.e., in order to
distinguish a copy of card ID 4 from an original).
[0137] All cards. The calculated Cohen d-value of the sets of all
original and all copies was 1.192 and had an r-effect size of 0.51,
indicating a very large effect size. The p-value was <0:0001
with power of 1.0, which indicated an extremely high likelihood
that there was a statistical difference between original gift cards
and copies. Accordingly, the null hypothesis was rejected that the
results are statistically significant were confirmed.
[0138] ID 4. The calculated Cohen d-value of the sets of original
and copies for ID 4 was 2.385 and had an r-effect size of 0.77,
indicating a huge effect size. The p-value was <0:0001 with
power of 1.0, which indicated an extremely high likelihood that
there was a statistical difference between the originals and
copies. Accordingly, the null hypothesis was rejected confirming
that these results remained statistically significant.
Credit and Debit Cards
[0139] An analysis was performed on credit and debit cards.
University faculty and students provided credit cards and debit
cards having one of the four major payment network logos (Visa,
MasterCard, American Express, and Discover) to swipe and measure.
An institutional review board (IRB), was contact and indicated that
because the subject of the experiment was magnetic encodings and
not people themselves, no further IRB review or approval was
necessary. In total, 55 credit and debit cards were accessed from a
variety of issuers.
[0140] Each of the cards was cloned with an encoder, then swiped
using the described detector 10 times each. For each swipe, the
described system recorded the duration of the swipe and the
distance (both in number of samples) between each clocking flux
transition. Each card was manually inspected for physical defects
and extreme wear (e.g., cracks). All sensitive data was securely
deleted and the copies were physically destroyed (in the presence
of the cards' owners) to protect the security of the payment cards.
The machine used to capture this information was not connected to a
network during the experiments.
[0141] FIG. 14 shows the receiver operating characteristic (ROC)
curve for both the original and cloned credit and debit cards. FIG.
15 shows a kernel density estimate for all swipes from the above
experiment along with the computed optimal threshold using the ROC.
Generally, FIGS. 14 and 15 shows that the swipes demonstrated a
significant difference between jitter in original and copied
cards.
[0142] To reduce outliers caused by swipes with highly variable
speeds, each card was re-analyzed using an n-majority voting
system. In this system, the optimal threshold determined was fixed
in the generation of the ROC curve (where TPR-FPR is minimized).
All combinations of n swipes were examined and that the detector
alerts when
> n 2 ##EQU00004##
swipes are above the threshold was considered. With n=3, a TPR of
100% and a FPR of 0% is achieved. In dip-style readers, such as
those typically found at gas pumps and some ATMs, the act of
dipping the card produces two swipes, so in some cases no
additional swipes may be needed.
[0143] To demonstrate that the number of cards obtained in this
experiment provided a statistically significant result, a two group
(original, copy) independent means difference t-test was performed.
This test was a null hypothesis test, where the null hypothesis was
that the two means are equal. The null hypothesis stated that there
is no statistical difference between the jitter measured on
original cards and copies. The calculated Cohen d-value from the
individual swipe sets was 2.287 and had an r-effect size of 0.75,
indicating a very large effect size. The p-value was <0:0001
with power of 1.0, which indicated an extremely high likelihood
that there was a statistical difference between original
credit/debit cards and copies. Accordingly, the null hypothesis was
rejected and that the results were statistically significant was
confirmed.
Mechanical Swiping
[0144] One obvious evasion tactic by adversaries is to develop or
acquire an automatic encoding machine to remove jitter induced by
hand-swiping cards. Attaining the required micron-scale precision,
however, is much more difficult than a simple, do-it-yourself
motorized card track. The equipment must move the card at a
precise, constant rate. While unable to prove a negative (i.e.,
that there exists no commercial encoder capable of producing
low-jitter cards), two publicly-available motorized magnetic stripe
devices are examined below.
[0145] A ZCS Technology ZCS150 was purchased, as shown in FIG. 16,
online. This device is designed to be used in ATM-style terminals
and pulls the card over the magnetic head with a motor as the card
enters or exits the device. Although this inexpensive device is not
capable of encoding magnetic stripe cards, an initial attempt was
made to modify it to directly to do so. The hardware contained
security features to prevent modification, and the attempts to
augment the capabilities of this device were unsuccessful. An
attacker trying to repurpose this device would face similar
difficulty. However, this device does not need to be converted into
an encoder to determine whether or not it could produce more
consistent cards if the attacker could evade the security features.
Instead, because the ZCS150 does not contain the control system to
precisely detect card position and simply interacts with the card
assuming consistent movement rate within the ISO specified range,
the acceleration of a card in the ZCS150 can be measured whether it
is substantially less variable than doing so by hand can be
determined.
[0146] An accelerometer was attached to a card, then the device was
allowed to draw in the card 10 times. For comparison, the same
accelerometer was attached to a wristband and hand swiped a card 10
times. Cards read by the ZCS150 exhibited an average acceleration
of -50 mm/s.sup.2 whereas those done by hand were .about.30
mm/s.sup.2. This means that contact with magnetic stripe cards was
consistent (i.e., the speed varied little in each case), making
hand-swiping nearly identical (and, in fact, slightly more
consistent) to adding a simple motor to the encoding process. The
additional variation in the ZCS150 can possibly be attributed to
sources of friction within the unit (e.g., a ledge that pushes that
card against the read head). Accordingly, there is no obvious
reduction in jitter simply by adding a small motor and an adversary
would not be able to avoid our detection via this simple
strategy.
[0147] An HID Fargo DTC5500LMX, as shown in FIG. 17, is used in
colleges to automatically print, laminate, and encode student and
faculty ID cards. An attacker with such a device could produce
realistic-looking gift card clones complete with a branded face.
While unable to produce arbitrary cards with this device, the VJ
values of two cards produced by this device were examined. Here,
the cards produced by the Fargo device were considered to be
counterfeits by assuming the attacker has control of this
device.
[0148] FIG. 18 shows the distribution of 150 swipes each of two
university ID cards as it compared with gift card ID 4. Despite
this device being nearly two orders of magnitude more expensive
than a Misiri-style encoder, it also produces cards with high
jitter compared to the gift cards.
Example 4
[0149] Manufacturers realize that gift cards are typically used a
few times then discarded. As a result, gift cards are not required
to be produced as robustly as credit or debit cards. As explained
earlier the magnetic stripes of gift cards can be classified as
having a lower coercivity than credit or debit cards. An analysis
was performed to determine whether the manufacturers' decisions for
gift cards affected the reliability of the detection system.
[0150] Initially, 94 cards from 31 different brands were obtained
for experimentation. 24 of the cards were open-loop gift cards and
the remainders were closed-loop gift cards. Open loop cards can be
characterized as cards in which the holder can make purchases
generally anywhere a credit or debit card is accepted. Closed loop
cards can be characterized as cards in which the holder can make
purchases at a single company. For this experiments gifts cards
included other cards, such as reloadable copier cards and rewards
cards. These were considered gift cards as they contain encoded
data on magnetic stripes manufactured for a single merchant.
[0151] In order to test the detection system in real world
conditions, gift cards that had been previously exposed to
realistic conditions were pursued. The magnetic stripe of each gift
card was scanned to ensure the cards were readable and that it
matches the information printed on the card. Cards that did not
read properly were further examined under a Matesy minimo 4 device
equipped with a Type A (.+-.2:5 mT) MOIF. This device provided
qualitative measurements of the magnetic field across the magnetic
stripe. The device was used to rule out the possibility that the
inability to read is due to the detection system rather than a
result of weak or damaged magnetic stripes. This process resulted
in 16 unreadable cards being removed from the set.
[0152] First, the detection system was administered to closed loop
cards determine the reliability of the results. The experimentation
steps were the same as with credit and debit cards. Each card was
read and then copied by the encoder. Both the original and
counterfeit gift cards were swiped 10 times. The system recorded
the duration of each swipe and the distance (both in number of
samples) between each clocking flux transition.
[0153] The resulting values for original and counterfeit cards were
remarkably different than credit or debit cards. Correct detection
for arbitrary individual swipes was 65.3% true positive rate (TPR)
with a 34.67% false positive rate (FPR). A majority voting scheme
coupled with the optimal threshold calculated over 3 swipes
increased TPR slightly to 68.4% and reduced FPR to 32.6%.
[0154] To further understand this behavior, the same two-group
(original, copy) independent means difference t-test as with credit
and debit cards was used. In the instant case, the null hypothesis
was that there is no statistical difference between measured jitter
on the original and counterfeit cards. The calculated Cohen's
d-value was 0.316 from the individual swipe sets and the r-effect
size was 0.16. Although the effect size is smaller than that for
credit or debit cards, the calculated p-value was 0.05 with a power
of 0.999. Accordingly, the null hypothesis was rejected and a high
probability of a distinct statistical difference exists between the
original closed-loop gift cards and counterfeit cards.
[0155] The following step compared the V.sub.J values of the
original and counterfeit closed-loop gift cards. The earlier
experimentation suggested that the V.sub.J values of counterfeit
cards should exceed the original card, however 24 (25%) of the
counterfeit cards had decreased variance from the original cards.
Through further experimentation, it was discovered that these 24
cards produced smoother curves along when analog waveform is
recorded. The detection system relies upon sharper peaks for
accurate measurement of the clock flux transitions and smoother
curves induce error.
[0156] Credit and debit cards are fabricated with higher-coercivity
stripes, which are more resilient and resistant to changes in the
magnetic field. As gift card are manufactured with lower-coercivity
stripes, the cards are more susceptible to damage and noise.
Variations in performance occur within lower-coercivity stripes
depending upon manufacturing decisions.
[0157] FIG. 11 presents two Chipotle.RTM. gift cards, each with
lower-coercivity stripes. The circled portions highlight the noise
contained in the brown stripe. This additional noise manifests
itself into smoother curves in the analog waveform and thus
inhibiting the reliability of the results. FIG. 12 presents the ROC
for different stripe colors. The influence of the coercivity of the
magnetic strips on the reliability of the results becomes apparent
in the graphs. Black stripes with majority voting result in the
best detection rates of TPR value of 81.4% and FPR value of 19.0%.
Conversely, the worst detection rate was on the gold stripes with
TPR of 56.0% and FPR of 44.0% FPR. Although further experimentation
revealed that although color is a good heuristic indicator for the
coercivity of a card, it is not always a reliable indicator of the
level of coercivity.
[0158] The same two-group (original, copy) independent means
difference t-test as with credit and debit cards was performed
against the closed-loop gift card set. In the instant case, the
null hypothesis was that there is no statistical difference between
measured jitter on the original and counterfeit cards. The
calculated Cohen's d-value was 0.316 from the individual swipe sets
and r-effect size was 0.16. Although the effect size is smaller
than that for credit or debit cards, the calculated p-value was
0.05 with a power of 0.999. Accordingly, the null hypothesis was
rejected and a high probability of a distinct statistical
difference exists between the original closed-loop gift cards and
counterfeit cards.
[0159] Additionally, the detection system was tested on 26
open-loop gift cards. The experimentation steps were the same as
with credit and debit cards. Each card was read and then copied by
the encoder. Both the original and counterfeit gift cards were
swiped 10 times. The system recorded the duration of each swipe and
the distance (both in number of samples) between each clocking flux
transitions. The V.sub.J values of the original and counterfeit
closed loop gift cards were compared and 23 of 26 of the original
cards displayed a lower variance than the counterfeit cards. By
examining arbitrary swipes, a TPR of 75.8% and a FPR of 24.2% were
obtained. A majority voting scheme coupled with the optimal
threshold calculated over arbitrary swipes yielded an improved TPR
value of 88.5% and a reduced FPR value of 19.2%.
[0160] The same two-group (original, copy) independent means
difference t-test as with credit and debit cards was performed
against the open-loop gift card set. In the instant case, the null
hypothesis was that there is no statistical difference between
measured jitter on the original and counterfeit cards. The
calculated Cohen's d-value was 1.023 from the individual swipe sets
and r-effect size was 0.46. Although the effect size is smaller
than that for credit or debit cards, the calculated p-value was
0.0000001 with a power of 1.0. Accordingly, the null hypothesis was
rejected and a high probability of a distinct statistical
difference exists between original open-loop gift cards and
counterfeit cards. These results lead to the conclusion that
implementation of a majority voting scheme increases the
reliability of the detection system.
[0161] It should be understood that the examples and embodiments
described herein are for illustrative purposes only and that
various modifications or changes in light thereof will be suggested
to persons skilled in the art and are to be included within the
spirit and purview of this application.
[0162] All patents, patent applications, provisional applications,
and publications referred to or cited herein (including those in
the "References" section) are incorporated by reference in their
entirety, including all figures and tables, to the extent they are
not inconsistent with the explicit teachings of this
specification.
REFERENCES
[0163] [1] Card manufacturing.
https://www.fiserv.com/customer-channelmanagement/output-solutions/card-m-
anufacturing.aspx. [0164] [2] Magnetic Field Visualization.
http://www.matesy.de/en/products/magnetic-fieldvisualization/.
[0165] [3] Magnetic Stripe Analyser.
http://www.barnestest.com/wpcontent/uploads/2014/10/Barnes-Mag-Tester-Rev-
o-10-14.pdf. [0166] [4] PayPal. https://www.paypal.com. [0167] [5]
Square Cash. https://cash.me. [0168] [6] Welcome to MagnePrintR:
What is MagnePrint? http://www.magneprint.com/. [0169] [7] Some
retailers balking at pump upgrade for EMV cards.
http://www.nacsonline.com/Media/Daily/Pages/ND1008145.aspx, 2014.
[0170] [8] ABC News. Credit card thieves caught on tape using
skimmers, 2014. [0171] [9] ABC News. Why chip credit cards are
still not safe from fraud, 2016. [0172] [10] D. Abrazhevich.
Classification and characteristics of electronic payment systems.
In Electronic Commerce and Web Technologies, Lecture Notes in
Computer Science. Springer Berlin Heidelberg, 2001. [0173] [11] D.
Abrazhevich. Electronic Payment Systems: a User-Centered
Perspective and Interaction Design. Technische Universiteit
Eindhoven, 2004. [0174] [12] ACCPAconnection. Credit card skimming
operation, 2008. [0175] [13] Aftholderberg. HWR MagStripe
production at 15,000 cph.avi, 2011. [0176] [14] American
Underworld. Report on carding, skimming, 2012. [0177] [15] R.
Anderson and S. J. Murdoch. EMV: Why payment systems fail.
Communications of the ACM, 57(6), 2014. [0178] [16] M. Bond, O.
Choudary, S. J. Murdoch, S. Skorobogatov, and R. Anderson. Chip and
skim: Cloning EMV cards with the pre-play attack. In 2014 IEEE
Symposium on Security and Privacy (S& P), 2014. [0179] [17] G.
Bresiger. Unused gift cards total $44B since 2008: study, 26 Jan.
2014. [0180] [18] D. Chaum. Achieving electronic privacy.
Scientific American, 1992. [0181] [19] E. K. Clemons, D. C. Croson,
and B. W. Weber. Reengineering money: the mondex stored value card
and beyond. In Proceedings of the Twenty-Ninth Hawaii System
Sciences, 1996, International Conference on" volume 4, 1996. [0182]
[20] M. Corkery. Wells fargo fined $185 million for fraudulently
opening accounts. The New York Times, 2016. [0183] [21] M. Dautner.
Card fraud losses reach $21.84 billion in 2015, 2016. [0184] [22]
J. de Ruiter and E. Poll. Formal analysis of the EMV protocol
suite. In S. M{umlaut over ( )} odersheim and C. Palamidessi,
editors, Theory of Security and Applications, Lecture Notes in
Computer Science. Springer Berlin Heidelberg, 2011. [0185] [23] S.
Drimer and S. J. Murdoch. Chip & PIN (EMV) relay attacks.
[0186] [24] S. Drimer and S. J. Murdoch. Keep your enemies close:
Distance bounding against smartcard relay attacks. USENIX Security,
2007. [0187] [25] M. Hamblen. Chip card payment confusion, anger
rages on--Merchants blame card companies for delays in certifying
EMV software.
Computerworld--http://vvww.computerworld.com/article/3059379/mobile-payme-
nts/chip-card-payment-confusion-anger-rages-on.html, 2016. [0188]
[26] E. Harrell. Victims of identity theft, 2014, 2015. [0189] [27]
T. E. Holmes. Payment Method Statistics.
Creditcards.com--http://www.
creditcards.com/credit-card-news/payment-method-statistics-1276.php,
2015. [0190] [28] ISO. Identification cards--recording
technique--magnetic stripe--low coercivity. 7811-2:2014(E), 2014.
[0191] [29] ISO/IEC. Identification cards--recording
technique--magnetic stripe--high coercivity. 7811-6:2014/(E), 2014.
[0192] [30] JDFriend100. Cloning credit cards, 2009. [0193] [31] T.
H. Johansen and D. Shantsev. Magneto-Optical Imaging. Nato Science
Series II. Springer Netherlands, 2012. [0194] [32] T. L. Jones and
G. R. L. Higgins. Value transfer system, 1998. [0195] [33] J. P.
Morgan Chase. FAQ: Chip-enabled card acceptance (EMV). https://www.
chasepaymentech.com/faq emv chip card technology.html, 2016. [0196]
[34] G. O. Karame, E. Androulaki, and S. Capkun. Double-spending
fast payments in bitcoin. In Proceedings of the 2012 ACM Conference
on Computer and Communications Security (CCS), CCS '12, New York,
N.Y., USA, 2012. ACM. [0197] [35] B. Krebs. All about fraud: How
crooks get the CVV, 2016. [0198] [36] P. Lucas. Card makers look to
fill their EMV dance card, 2013.
http://www.digitaltransactions.net/news/story/Card-Makers-Look-To-Fill-Th-
eir-EMV-Dance-Card-. [0199] [37] M. S. Manasse and Others. The
millicent protocols for electronic commerce. In USENIX Workshop on
Electronic Commerce. usenix.org, 1995. [0200] [38] S. McQuay. Why
you might not see an emv-ready gas pump for a while, 2015. [0201]
[39] G. Medvinsky and C. Neuman. NetCash: A design for practical
electronic currency on the internet. In Proceedings of the 1st ACM
Conference on Computer and Communications Security, (CCS) '93,
1993. [0202] [40] S. Meiklejohn. If privacy matters, cash is still
king. The New York Times, 2013. [0203] [41] S. J. Murdoch, S.
Drimer, R. Anderson, and M. Bond. Chip and PIN is broken. In 2010
IEEE Symposium on Security and Privacy (S& P), 2010. [0204]
[42] S. Nakamoto. Bitcoin: A peer-to-peer electronic cash system,
2008. [0205] [43] B. C. Neuman. Proxy-based authorization and
accounting for distributed systems. In [1993] Proceedings. The 13th
International Conference on Distributed Computing Systems. [0206]
[44] B. C. Neuman and G. Medvinsky. Requirements for network
payment: the NetCheque perspective. In Compcon '95. `Technologies
for the Information Superhighway`, Digest of Papers, 1995. [0207]
[45] N. J. Nicol. No expectation of privacy in bank records--united
states v. miller. 26 DePaul L. Rev. 146, 1976. [0208] [46] D.
OMahony, M. Peirce, and H. Tewari. 7 electronic payment systems.
1997. [0209] [47] P. Panurach. Money in electronic commerce:
Digital cash, electronic fund transfer, and ecash. Communications
of the ACM, 39(6), 1996. [0210] [48] W. C. Patterson, N. Garraud,
E. E. Shorman, and D. P. Arnold. A magneto-optical microscope for
quantitative measurement of magnetic microstructures. The Review of
scientific instruments, 86(9), 2015. [0211] [49] B. Reaves, N.
Scaife, A. Bates, P. Traynor, and K. R. B. Butler. Mo(bile) money,
mo(bile) problems: analysis of branchless banking applications in
the developing world. In 24th USENIX Security Symposium (USENIX
Security 15), 2015. [0212] [50] C. Uriarte. Paythink gift card
fraud will be a major threat post-emv, 2015. [0213] [51] P. Wayner.
Digital Cash (2nd Ed.): Commerce on the Net. Academic Press
Professional, Inc., San Diego, Calif., USA, 1997.
* * * * *
References